Juniper simplifies secure log-in

Company adds support for a security standard to let remote workers access several applications without having to sign on multiple times.

Marguerite Reardon Former senior reporter

Marguerite Reardon started as a CNET News reporter in 2004, covering cellphone services, broadband, citywide Wi-Fi, the Net neutrality debate and the consolidation of the phone companies.

See full bio

Marguerite Reardon

June 28, 2004 10:30 a.m. PT

2 min read

Juniper Networks is trying to stay one step ahead of the competition with new features for its SSL VPN products acquired from NetScreen Technologies earlier this year.

New to Juniper's SSL VPN, or Secure Sockets Layer virtual private network, portfolio is support for an industry standard called SAML (Security Assertion Markup Language), which will let remote workers sign on just once to a corporate network and then avoid having to re-enter authentication information.

Normally, because SSL VPNs operate at the application layer, whenever a new application is opened, the person must go through the process of re-entering a username and password. This differs from IPSec VPNs, which operate at the network level. Once a person signs onto a network using IPSec, he or she has access to any application on the network.

Juniper is working with access management providers Entrust, IBM, Netegrity, Oblix, OpenNetwork and RSA Security to ensure interoperability with their management products that support the SAML standard.

SSL is an encryption technology embedded in Web browsers that can provide remote workers with secure access to the corporate network. Much has changed in the competitive landscape for SSL VPN appliances in the past year. Several start-ups have been gobbled up by bigger companies. And larger players such as Cisco Systems and Check Point Software Technologies have introduced their own SSL VPN products.

Juniper has become one of the top players in this small but growing market through its acquisition of NetScreen earlier this year. Even though Juniper already has a strong product, industry watchers said, the company needs to stay ahead of the pack in terms of innovation.

"It's important for Juniper to differentiate itself from the rest of the companies out there," said Robert Whiteley, an associate analyst at Forrester Research. "Juniper needs to prove to customers that it's still innovating."

Most equipment makers, including Juniper, already support some form of single sign-on for remote workers. But these solutions typically use text-based methods for storing and sharing authentication information, which are not very secure.

SAML is a security standard that uses XML and is much more secure and scalable than proprietary technologies available today, Whiteley said. SAML was developed by the Organization for the Advancement of Structured Information Standards, better known as OASIS.

SAML has typically been used on Web commerce sites, allowing shoppers to purchase items from various partners' Web sites without having to re-enter credit card information again and again. For example, someone could buy an airline ticket on American Airlines and then click to a Hilton Web site to book a hotel room.

Juniper is one of the first SSL VPN players to support the SAML standard. But Whiteley expects other leading companies, such as Aventail or Nortel Networks, to follow Juniper's lead, since many companies look for support of standards-based technology.